There are many computing environments having multiple applications that need to interact with each other. There needs to be a mechanism to protect the applications and their protected resources, while still allowing interaction between the applications. One protection mechanism is to execute each bundle of applications in its own execution context. This technique is referred to as “context isolation.”
Context isolation means that a first application, or application instance, cannot access protected resources owned by a second application, or application instance, in another execution context unless the second application explicitly provides an interface for access to the protected resources. As used herein, the terms “application” and “application instance” are sometimes used interchangeably, even though the term “application instance” may specifically refer to an instance of an application while the term “application” may generally refer to a computer program that can give rise to many instances of itself at runtime.
Isolation of execution contexts may be enforced by a security mechanism such as a firewall. To share a protected resource with a client application in another execution context, a server application can provide a shareable interface object (SIO) to the client application. The firewall allows the protected resource to be passed based on the fact that the SIO is being used to pass the protected resource. As used herein, the term “protected resources” refers to SIO objects, data, methods, classes, protected functionality, instances of classes, static methods of classes, or a combination thereof.
Smart cards are an example platform in which an application developer may wish to allow an application to interact with another application in a different isolated execution context. Smart cards are wallet-size or smaller devices with embedded integrated circuits. A smart card typically comprises a processor and memory. Smart cards come with various tamper-resistant properties and are capable of storing vital information and hosting sensitive applications in a secure manner. Additional security is provided by smart cards implementing the Java Card technology with the aforementioned firewall/context isolation scheme.
However, context isolation does not provide fine-grained protection such as application-specific protection. That is, in the context isolation scheme alone, all server applications in an execution context would treat all client applications in another execution context in the same way. But, in reality, different server applications in a single execution context may have different security requirements. One such server application may not be as critical as another such server application, even though both are in the same execution context. Similarly, different client applications in a single execution context may carry different credentials. One such client application may by its nature require more privilege than another client application.
Under limited circumstances, security specific to an application may be programmatically provided by the application itself. For example, a server application may contain program logic to determine whether a client application is one the server application would allow, or whether a specific protected resource requires an additional layer of authentication and authorization when authenticating a client application. However, this programmatic approach to application-specific security requires that the program logic be implemented by an application developer in the server application before deployment. Since the developer might not fully know the specific types of clients a server application would encounter in the real world at runtime, new versions of the server application must be frequently developed and upgraded to cope with new clients and new security requirements.
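The programmatic approach described above, sketched as a Java Card server applet. This is an added example, not code from the original text; the package, interface and class names are hypothetical and the client AID is a constructed value. The allow-list is compiled into the applet, so admitting a new client means developing and deploying a new version of the server application.

```java
// ---- PointsService.java (hypothetical interface shared across the firewall) ----
package com.example.loyalty;
import javacard.framework.Shareable;
public interface PointsService extends Shareable {
    short getBalance();
}

// ---- LoyaltyApplet.java (hypothetical server applet) ----
package com.example.loyalty;
import javacard.framework.*;

public class LoyaltyApplet extends Applet implements PointsService {
    // Constructed AID of the only client known when the applet was written.
    private static final byte[] TRUSTED_CLIENT_AID = {
        (byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05
    };
    private short balance;

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new LoyaltyApplet().register();
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }

    // Invoked by the runtime when a client in another context requests the SIO.
    public Shareable getShareableInterfaceObject(AID clientAID, byte parameter) {
        if (clientAID == null || !isTrusted(clientAID)) return null;
        return this;
    }

    public short getBalance() {
        // An SIO reference can be handed on, so check the immediate caller as well.
        AID caller = JCSystem.getPreviousContextAID();
        if (caller == null || !isTrusted(caller)) {
            ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        }
        return balance;
    }

    private static boolean isTrusted(AID aid) {
        return aid.equals(TRUSTED_CLIENT_AID, (short) 0, (byte) TRUSTED_CLIENT_AID.length);
    }
}
```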
Therefore, it would be desirable to allow for fine-grained, application-specific security in a flexible, complementary manner in a system that already has built-in coarse-grained security based on context isolation.